MDL-29148 MNet - improved handling of a verification function return code
authorDavid Mudrak <david@moodle.com>
Sat, 27 Aug 2011 23:06:31 +0000 (01:06 +0200)
committerEloy Lafuente (stronk7) <stronk7@moodle.org>
Sun, 28 Aug 2011 23:48:55 +0000 (01:48 +0200)
mnet/xmlrpc/client.php

index 02a7cdc..39078d2 100644 (file)
@@ -295,7 +295,8 @@ class mnet_xmlrpc_client {
 
         // ok, it's signed, but is it signed with the right certificate ?
         // do this *after* we check for an out of date key
 
         // ok, it's signed, but is it signed with the right certificate ?
         // do this *after* we check for an out of date key
-        if (!openssl_verify($this->xmlrpcresponse, base64_decode($sig_parser->signature), $mnet_peer->public_key)) {
+        $verified = openssl_verify($this->xmlrpcresponse, base64_decode($sig_parser->signature), $mnet_peer->public_key);
+        if ($verified != 1) {
             $this->error[] = 'Invalid signature';
         }
 
             $this->error[] = 'Invalid signature';
         }